Air Serbia, the national flag carrier, is currently grappling with the aftermath of a significant cyberattack that has disrupted internal systems and raised concerns about potential data compromise. The incident, which reportedly began around July 4th, has sent ripples of concern throughout the aviation industry, already on high alert due to a surge in sophisticated cyber threats.
Internal memos obtained by various media outlets reveal the depth of the compromise, indicating a “deep breach” of Air Serbia’s Active Directory environment. This has led to immediate and noticeable impacts, including the delayed distribution of June 2025 payslips for staff, though salaries were reportedly paid. The airline has initiated multiple waves of company-wide password resets, installed security-scanning software on endpoints, and significantly restricted internet access, limiting it to only a few whitelisted internal pages. Data centers have also been shifted to a demilitarized zone in an effort to contain the breach.
While Air Serbia has officially confirmed it was the target of a cyberattack and stated its IT security team is working with external experts, a public disclosure regarding the full scope of the incident, particularly concerning potential personal data compromise, has yet to be made. This lack of transparency has reportedly fueled fears among staff regarding the safety of their personal information.
Sources close to the investigation suggest that attackers may have had access to Air Serbia’s systems since early July, with a suspected infostealer malware involved. Though no ransom demands have been publicly reported as of mid-July, security experts warn that infostealers often precede more severe attacks like ransomware.
This incident at Air Serbia is not isolated. The aviation sector has witnessed a alarming 600% year-on-year increase in cyberattacks between January 2024 and April 2025, according to a recent report by Thales Group. Airlines, with their vast troves of personal data and interconnected operational systems, present lucrative targets for financially motivated cybercriminals and even state-sponsored actors. High-profile breaches at other carriers like Qantas and British Airways in recent years underscore the urgent need for robust cybersecurity measures across the entire industry.
As Air Serbia battles to restore full operational integrity and secure its systems, the incident serves as a stark reminder of the escalating cyber threats facing critical infrastructure globally. The coming weeks will likely reveal the true extent of the breach and the long-term implications for the airline and its passengers.
![Online Scam Cases Continue to Rise Despite Crackdowns on Foreign Fraud Networks [Myanmar]](https://sumtrix.com/wp-content/uploads/2025/06/30-12-120x86.jpg "Online Scam Cases Continue to Rise Despite Crackdowns on Foreign Fraud Networks [Myanmar]")
